Deploy lambda from docker image (broken)

deploy-lambda-from-docker-image/.gitignore

@@ -0,0 +1,12 @@
+*.js
+!jest.config.js
+*.d.ts
+node_modules
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out
+
+# AWS CLI output
+outfile.txt
+output/*

deploy-lambda-from-docker-image/.npmignore

@@ -0,0 +1,6 @@
+*.ts
+!*.d.ts
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out

deploy-lambda-from-docker-image/.prettierignore

@@ -0,0 +1,12 @@
+## Copied from .gitignore
+*.js
+!jest.config.js
+*.d.ts
+node_modules
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out
+
+# AWS CLI output
+outfile.txt

deploy-lambda-from-docker-image/.prettierrc

@@ -0,0 +1 @@
+{}

deploy-lambda-from-docker-image/README.md

@@ -0,0 +1,49 @@
+# Deploy a Lambda from ECR
+
+This CDK app deploys a Lambda whose code is stored in a private S3 bucket.
+
+## Useful commands
+
+- `npm run build` compile typescript to js
+- `npm run watch` watch for changes and compile
+- `npm run check` checks if files are formatted
+- `npm run format` formats files
+- `cdk deploy` deploy this stack to your default AWS account/region
+- `cdk diff` compare deployed stack with current state
+- `cdk synth` emits the synthesized CloudFormation template
+
+## Deployment :rocket:
+
+### Build the Lambda handler
+
+Follow the instructions in [lambda-handler](../lambda-handler/README.md#Build-Docker-Container) to build the handler. Note the Docker image *DOES NOT* need to be built.
+
+### Deploy the Lambda
+
+#### \*nix/Mac
+
+`cdk deploy -c scope=<scope>`
+
+#### Git Bash on Windows
+
+`winpty cdk.cmd deploy -c scope=<scope>`
+
+This deploys a Lambda which when invoked will return a JSON string.
+
+To invoke the lambda via CLI execute the following command:
+
+`aws lambda invoke --function-name=<lambdaFunctionName> outfile.txt`
+
+Where `lambdaFunctionName` represents the Lambda function's name. The name of the function is exported by the CDK and therefore printed to the CLI. View the contents of `outfile.txt` to explore the Lambda's response.
+
+## Destruction :boom:
+
+> **Warning** To prevent accidental execution of the lambda and to prevent runaway cost, always destroy this AWS environment when it's not in use.
+
+### \*nix/Mac
+
+`cdk destroy -c scope=<scope>`
+
+### Git Bash on Windows
+
+`winpty cdk.cmd destroy -c scope=<scope>`

deploy-lambda-from-docker-image/bin/deploy-lambda-from-docker-image.ts

@@ -0,0 +1,17 @@
+#!/usr/bin/env node
+import "source-map-support/register";
+import * as cdk from "aws-cdk-lib";
+import { DeployLambdaFromDockerImageStack } from "../lib/deploy-lambda-from-docker-image-stack";
+
+const app = new cdk.App();
+const account = app.node.tryGetContext("account");
+const region = app.node.tryGetContext("region");
+const scope = app.node.getContext("scope");
+new DeployLambdaFromDockerImageStack(app, "DeployLambdaFromDockerImageStack", {
+  stackName: `lambdaFromDockerImage-${scope}`,
+  scope,
+  env: {
+    account: account || process.env.CDK_DEFAULT_ACCOUNT,
+    region: region || process.env.CDK_DEFAULT_REGION,
+  },
+});

deploy-lambda-from-docker-image/cdk.json

@@ -0,0 +1,62 @@
+{
+  "app": "npx ts-node --prefer-ts-exts bin/deploy-lambda-from-docker-image.ts",
+  "watch": {
+    "include": ["**"],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "**/*.d.ts",
+      "**/*.js",
+      "tsconfig.json",
+      "package*.json",
+      "yarn.lock",
+      "node_modules",
+      "test"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-lambda:recognizeLayerVersion": true,
+    "@aws-cdk/core:checkSecretUsage": true,
+    "@aws-cdk/core:target-partitions": ["aws", "aws-cn"],
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
+    "@aws-cdk/aws-iam:minimizePolicies": true,
+    "@aws-cdk/core:validateSnapshotRemovalPolicy": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
+    "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
+    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
+    "@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
+    "@aws-cdk/core:enablePartitionLiterals": true,
+    "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
+    "@aws-cdk/aws-iam:standardizedServicePrincipals": true,
+    "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
+    "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
+    "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
+    "@aws-cdk/aws-route53-patters:useCertificate": true,
+    "@aws-cdk/customresources:installLatestAwsSdkDefault": false,
+    "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true,
+    "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true,
+    "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true,
+    "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true,
+    "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true,
+    "@aws-cdk/aws-redshift:columnId": true,
+    "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": true,
+    "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true,
+    "@aws-cdk/aws-apigateway:requestValidatorUniqueId": true,
+    "@aws-cdk/aws-kms:aliasNameRef": true,
+    "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": true,
+    "@aws-cdk/core:includePrefixInUniqueNameGeneration": true,
+    "@aws-cdk/aws-efs:denyAnonymousAccess": true,
+    "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": true,
+    "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": true,
+    "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": true,
+    "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true,
+    "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true,
+    "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true,
+    "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true,
+    "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true,
+    "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": true
+  }
+}

deploy-lambda-from-docker-image/lib/deploy-lambda-from-docker-image-stack.ts

@@ -0,0 +1,41 @@
+import * as cdk from "aws-cdk-lib";
+import { Construct } from "constructs";
+
+interface DeployLambdaFromDockerImageStackProps extends cdk.StackProps {
+  scope: string;
+}
+
+export class DeployLambdaFromDockerImageStack extends cdk.Stack {
+  constructor(
+    scope: Construct,
+    id: string,
+    props: DeployLambdaFromDockerImageStackProps,
+  ) {
+    super(scope, id, props);
+
+    const dockerImageCode = cdk.aws_lambda.Code.fromDockerBuild(
+      "../lambda-handler",
+      {
+        imagePath: "/var/task/",
+        outputPath: "output",
+      },
+    );
+
+    const lambda = new cdk.aws_lambda.Function(this, "dockerImageLambda", {
+      runtime: cdk.aws_lambda.Runtime.FROM_IMAGE,
+      code: dockerImageCode,
+      handler: "Handler.FROM_IMAGE",
+      description: "Lambda deployed from local Docker image",
+      timeout: cdk.Duration.seconds(3),
+      functionName: `dockerImageLambda-${props.scope}`,
+      logRetention: cdk.aws_logs.RetentionDays.ONE_DAY,
+      retryAttempts: 0,
+    });
+
+    new cdk.CfnOutput(this, "lambdaName", {
+      description: "Lambda function's name",
+      value: lambda.functionName,
+      exportName: `lambdaFunctionName-${props.scope}`,
+    });
+  }
+}